From bdf99e0ea73f3eaf254a4569e3089aa44089fa06 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C4=93teris=20Caune?=
Date: Wed, 26 Aug 2020 14:06:51 +0300
Subject: [PATCH] The "Add Integration" pages require read-write access.
---
hc/front/tests/test_add_apprise.py | 8 ++
hc/front/tests/test_add_call.py | 8 ++
hc/front/tests/test_add_discord.py | 8 ++
hc/front/tests/test_add_discord_complete.py | 8 ++
hc/front/tests/test_add_email.py | 8 ++
hc/front/tests/test_add_linenotify.py | 9 ++
hc/front/tests/test_add_matrix.py | 9 +-
hc/front/tests/test_add_mattermost.py | 8 ++
hc/front/tests/test_add_msteams.py | 8 ++
hc/front/tests/test_add_opsgenie.py | 8 ++
hc/front/tests/test_add_pagertree.py | 8 ++
hc/front/tests/test_add_pd.py | 8 ++
hc/front/tests/test_add_pdc.py | 8 ++
hc/front/tests/test_add_pdc_complete.py | 12 ++
hc/front/tests/test_add_pushbullet.py | 8 ++
.../tests/test_add_pushbullet_complete.py | 9 ++
hc/front/tests/test_add_pushover.py | 8 ++
hc/front/tests/test_add_shell.py | 8 ++
hc/front/tests/test_add_slack.py | 8 ++
hc/front/tests/test_add_slack_btn.py | 8 ++
hc/front/tests/test_add_slack_complete.py | 8 ++
hc/front/tests/test_add_sms.py | 8 ++
hc/front/tests/test_add_spike.py | 8 ++
hc/front/tests/test_add_telegram.py | 11 ++
hc/front/tests/test_add_trello.py | 8 ++
hc/front/tests/test_add_victorops.py | 8 ++
hc/front/tests/test_add_webhook.py | 8 ++
hc/front/tests/test_add_whatsapp.py | 8 ++
hc/front/tests/test_add_zulip.py | 8 ++
hc/front/views.py | 118 +++++++++---------
30 files changed, 301 insertions(+), 59 deletions(-)
diff --git a/hc/front/tests/test_add_apprise.py b/hc/front/tests/test_add_apprise.py
index c3ecb4b9..2ff64668 100644
--- a/hc/front/tests/test_add_apprise.py
+++ b/hc/front/tests/test_add_apprise.py
@@ -31,3 +31,11 @@ class AddAppriseTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_call.py b/hc/front/tests/test_add_call.py index 566f6614..dc3152fd 100644 --- a/hc/front/tests/test_add_call.py +++ b/hc/front/tests/test_add_call.py @@ -57,3 +57,11 @@ class AddCallTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_discord.py b/hc/front/tests/test_add_discord.py index 0776e31a..7c7ca29a 100644 --- a/hc/front/tests/test_add_discord.py +++ b/hc/front/tests/test_add_discord.py @@ -22,3 +22,11 @@ class AddDiscordTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_discord_complete.py b/hc/front/tests/test_add_discord_complete.py index ab88295d..b4a0bbab 100644 --- a/hc/front/tests/test_add_discord_complete.py +++ b/hc/front/tests/test_add_discord_complete.py 
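Review bot: `test_it_requires_rw_access` here, and the same test added to every other `test_add_*.py` file in this patch except `test_add_telegram.py`, only issues a GET, so nothing asserts that a read-only member's POST is rejected and creates no integration. The views check access above the `if request.method == "POST"` branch today, so GET does reach the gate, but a later refactor that moves the check into the GET path would leave these tests green while the write path reopens. For the form-based pages (shell and webhook matter most) I would add a POST with a valid form and assert `self.assertEqual(r.status_code, 403)` followed by `self.assertFalse(Channel.objects.exists())`.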
@@ -74,3 +74,11 @@ class AddDiscordCompleteTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url + "?code=12345678&state=bar") self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url + "?code=12345678&state=bar") + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_email.py b/hc/front/tests/test_add_email.py index 87ec0aa4..dc9ad8d5 100644 --- a/hc/front/tests/test_add_email.py +++ b/hc/front/tests/test_add_email.py @@ -112,3 +112,11 @@ class AddEmailTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "Please select at least one.") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_linenotify.py b/hc/front/tests/test_add_linenotify.py index aecaa711..08b540e8 100644 --- a/hc/front/tests/test_add_linenotify.py +++ b/hc/front/tests/test_add_linenotify.py @@ -1,6 +1,7 @@ from hc.api.models import Channel from hc.test import BaseTestCase + class AddLineNotifyTestCase(BaseTestCase): url = "/integrations/add_linenotify/" @@ -37,3 +38,11 @@ class AddLineNotifyTestCase(BaseTestCase): c = Channel.objects.get() self.assertEqual(c.value, "foo123") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) 
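Review bot: The new test in `test_add_discord_complete.py` never stores `add_discord` in the session, so the 403 it asserts most likely comes from the handler's early `return HttpResponseForbidden()` that precedes `request.session.pop("add_discord")` in the `views.py` hunk, not from the new read-write check; the same applies to the tests added to `test_add_slack_complete.py` and `test_add_pushbullet_complete.py`. That guard's condition lies outside the hunk, so this is inferred, but if it is the usual missing-key check these three tests would pass with the `views.py` change reverted. Seeding the session before the request, as the `test_add_pdc_complete.py` test in this patch does, fixes it: `session = self.client.session`, `session["add_discord"] = ("bar", str(self.project.code))`, `session.save()`.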
diff --git a/hc/front/tests/test_add_matrix.py b/hc/front/tests/test_add_matrix.py index d7b32e41..41e7c4af 100644 --- a/hc/front/tests/test_add_matrix.py +++ b/hc/front/tests/test_add_matrix.py @@ -1,4 +1,3 @@ -from json import JSONDecodeError from unittest.mock import patch from django.test.utils import override_settings @@ -49,3 +48,11 @@ class AddMatrixTestCase(BaseTestCase): self.assertContains(r, "Matrix server returned status code 429") self.assertFalse(Channel.objects.exists()) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_mattermost.py b/hc/front/tests/test_add_mattermost.py index 41e6a435..661b85c6 100644 --- a/hc/front/tests/test_add_mattermost.py +++ b/hc/front/tests/test_add_mattermost.py @@ -23,3 +23,11 @@ class AddMattermostTestCase(BaseTestCase): self.assertEqual(c.kind, "mattermost") self.assertEqual(c.value, "http://example.org") self.assertEqual(c.project, self.project) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_msteams.py b/hc/front/tests/test_add_msteams.py index 3aeb61ca..9151d764 100644 --- a/hc/front/tests/test_add_msteams.py +++ b/hc/front/tests/test_add_msteams.py 
@@ -23,3 +23,11 @@ class AddMsTeamsTestCase(BaseTestCase): self.assertEqual(c.kind, "msteams") self.assertEqual(c.value, "https://example.com/foo") self.assertEqual(c.project, self.project) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_opsgenie.py b/hc/front/tests/test_add_opsgenie.py index eaeba20a..69991155 100644 --- a/hc/front/tests/test_add_opsgenie.py +++ b/hc/front/tests/test_add_opsgenie.py @@ -48,3 +48,11 @@ class AddOpsGenieTestCase(BaseTestCase): c = Channel.objects.get() payload = json.loads(c.value) self.assertEqual(payload["region"], "eu") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pagertree.py b/hc/front/tests/test_add_pagertree.py index a9ebec46..0c4461db 100644 --- a/hc/front/tests/test_add_pagertree.py +++ b/hc/front/tests/test_add_pagertree.py @@ -30,3 +30,11 @@ class AddPagerTreeTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "Enter a valid URL") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pd.py b/hc/front/tests/test_add_pd.py index f0c3db6b..c734eec7 100644 --- a/hc/front/tests/test_add_pd.py +++ b/hc/front/tests/test_add_pd.py 
@@ -32,3 +32,11 @@ class AddPdTestCase(BaseTestCase): c = Channel.objects.get() self.assertEqual(c.value, "123456") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pdc.py b/hc/front/tests/test_add_pdc.py index 0e19c761..9036dae3 100644 --- a/hc/front/tests/test_add_pdc.py +++ b/hc/front/tests/test_add_pdc.py @@ -30,3 +30,11 @@ class AddPdConnectTestCase(BaseTestCase): r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pdc_complete.py b/hc/front/tests/test_add_pdc_complete.py index fffc40ab..a765a3aa 100644 --- a/hc/front/tests/test_add_pdc_complete.py +++ b/hc/front/tests/test_add_pdc_complete.py @@ -24,3 +24,15 @@ class AddPdcCompleteTestCase(BaseTestCase): r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + session = self.client.session + session["pd"] = "1234567890AB" + session.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pushbullet.py b/hc/front/tests/test_add_pushbullet.py index 9112f1ca..254c241c 100644 --- a/hc/front/tests/test_add_pushbullet.py +++ b/hc/front/tests/test_add_pushbullet.py 
@@ -22,3 +22,11 @@ class AddPushbulletTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pushbullet_complete.py b/hc/front/tests/test_add_pushbullet_complete.py index 10ab3424..ed834487 100644 --- a/hc/front/tests/test_add_pushbullet_complete.py +++ b/hc/front/tests/test_add_pushbullet_complete.py @@ -69,3 +69,12 @@ class AddPushbulletTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + url = self.url + "?code=12345678&state=bar&project=%s" % self.project.code + self.client.login(username="bob@example.org", password="password") + r = self.client.get(url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_pushover.py b/hc/front/tests/test_add_pushover.py index edb97d9a..2540633c 100644 --- a/hc/front/tests/test_add_pushover.py +++ b/hc/front/tests/test_add_pushover.py @@ -79,3 +79,11 @@ class AddPushoverTestCase(BaseTestCase): params = "?pushover_user_key=a&state=INVALID&prio=0" r = self.client.get(self.url + params) self.assertEqual(r.status_code, 403) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_shell.py b/hc/front/tests/test_add_shell.py index e12b957b..5c8d7136 100644 --- a/hc/front/tests/test_add_shell.py 
+++ b/hc/front/tests/test_add_shell.py @@ -53,3 +53,11 @@ class AddShellTestCase(BaseTestCase): c = Channel.objects.get() self.assertEqual(c.cmd_down, "") self.assertEqual(c.cmd_up, "logger up") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_slack.py b/hc/front/tests/test_add_slack.py index 7cd4e9ff..d4832cd9 100644 --- a/hc/front/tests/test_add_slack.py +++ b/hc/front/tests/test_add_slack.py @@ -30,3 +30,11 @@ class AddSlackTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "Enter a valid URL") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_slack_btn.py b/hc/front/tests/test_add_slack_btn.py index ba193387..c7ca476d 100644 --- a/hc/front/tests/test_add_slack_btn.py +++ b/hc/front/tests/test_add_slack_btn.py @@ -26,3 +26,11 @@ class AddSlackBtnTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_slack_complete.py b/hc/front/tests/test_add_slack_complete.py index 9faba654..1a1617ca 100644 --- a/hc/front/tests/test_add_slack_complete.py +++ b/hc/front/tests/test_add_slack_complete.py 
@@ -73,3 +73,11 @@ class AddSlackCompleteTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get("/integrations/add_slack_btn/?code=12345678&state=foo") self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get("/integrations/add_slack_btn/?code=12345678&state=foo") + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_sms.py b/hc/front/tests/test_add_sms.py index 7a9ec1ef..eaa02842 100644 --- a/hc/front/tests/test_add_sms.py +++ b/hc/front/tests/test_add_sms.py @@ -57,3 +57,11 @@ class AddSmsTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_spike.py b/hc/front/tests/test_add_spike.py index a4db935c..aee7452b 100644 --- a/hc/front/tests/test_add_spike.py +++ b/hc/front/tests/test_add_spike.py @@ -30,3 +30,11 @@ class AddSpikeTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "Enter a valid URL") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_telegram.py b/hc/front/tests/test_add_telegram.py index c6a9463d..958ee79d 100644 --- a/hc/front/tests/test_add_telegram.py 
+++ b/hc/front/tests/test_add_telegram.py @@ -90,3 +90,14 @@ class AddTelegramTestCase(BaseTestCase): else: # JSON decodes but message structure not recognized self.assertEqual(r.status_code, 200) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + payload = signing.dumps((123, "group", "My Group")) + + self.client.login(username="bob@example.org", password="password") + form = {"project": str(self.project.code)} + r = self.client.post(self.url + "?" + payload, form) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_trello.py b/hc/front/tests/test_add_trello.py index 2b90cddd..8b9544af 100644 --- a/hc/front/tests/test_add_trello.py +++ b/hc/front/tests/test_add_trello.py @@ -42,3 +42,11 @@ class AddTrelloTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_victorops.py b/hc/front/tests/test_add_victorops.py index 9d7224eb..4bd2d662 100644 --- a/hc/front/tests/test_add_victorops.py +++ b/hc/front/tests/test_add_victorops.py @@ -30,3 +30,11 @@ class AddVictorOpsTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "Enter a valid URL") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_webhook.py b/hc/front/tests/test_add_webhook.py index 919248bb..22ae851d 100644 
--- a/hc/front/tests/test_add_webhook.py +++ b/hc/front/tests/test_add_webhook.py @@ -177,3 +177,11 @@ class AddWebhookTestCase(BaseTestCase): self.assertContains(r, "Enter a valid URL.") self.assertEqual(Channel.objects.count(), 0) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_whatsapp.py b/hc/front/tests/test_add_whatsapp.py index d2d19ec7..f0225af6 100644 --- a/hc/front/tests/test_add_whatsapp.py +++ b/hc/front/tests/test_add_whatsapp.py @@ -70,3 +70,11 @@ class AddWhatsAppTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.get(self.url) self.assertEqual(r.status_code, 404) + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/tests/test_add_zulip.py b/hc/front/tests/test_add_zulip.py index 9c0d319f..20b848f5 100644 --- a/hc/front/tests/test_add_zulip.py +++ b/hc/front/tests/test_add_zulip.py @@ -78,3 +78,11 @@ class AddZulipTestCase(BaseTestCase): self.client.login(username="alice@example.org", password="password") r = self.client.post(self.url, form) self.assertContains(r, "This field is required.") + + def test_it_requires_rw_access(self): + self.bobs_membership.rw = False + self.bobs_membership.save() + + self.client.login(username="bob@example.org", password="password") + r = self.client.get(self.url) + self.assertEqual(r.status_code, 403) diff --git a/hc/front/views.py b/hc/front/views.py index 55ae76bf..51bd5fbe 100644 --- a/hc/front/views.py +++ b/hc/front/views.py 
@@ -10,6 +10,7 @@ from django.conf import settings from django.contrib import messages from django.contrib.auth.decorators import login_required from django.core import signing +from django.core.exceptions import PermissionDenied from django.db.models import Count from django.http import ( Http404, @@ -96,6 +97,14 @@ def _get_check_for_user(request, code): return check, membership.rw +def _get_rw_check_for_user(request, code): + check, rw = _get_check_for_user(request, code) + if not rw: + raise PermissionDenied + + return check + + def _get_channel_for_user(request, code): """ Return specified channel if current user has access to it. """ @@ -123,9 +132,20 @@ def _get_project_for_user(request, project_code): return project, True membership = get_object_or_404(Member, project=project, user=request.user) + return project, membership.rw +def _get_rw_project_for_user(request, project_code): + """ Check access, return (project, rw) tuple. """ + + project, rw = _get_project_for_user(request, project_code) + if not rw: + raise PermissionDenied + + return project + + def _refresh_last_active_date(profile): """ Update last_active_date if it is more than a day old. """ @@ -229,9 +249,7 @@ def status(request, code): @login_required @require_POST def switch_channel(request, code, channel_code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) channel = get_object_or_404(Channel, code=channel_code) if channel.project_id != check.project_id: @@ -324,10 +342,7 @@ def docs_cron(request): @require_POST @login_required def add_check(request, code): - project, rw = _get_project_for_user(request, code) - if not rw: - return HttpResponseForbidden() - + project = _get_rw_project_for_user(request, code) if project.num_checks_available() <= 0: return HttpResponseBadRequest() 
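Review bot: `_get_channel_for_user`, visible as context right below the new `_get_rw_check_for_user`, gets no read-write counterpart, so handlers that resolve a channel rather than a project (later hunk headers show `remove_channel` and `edit_webhook`) are left as they were. Whether they check `rw` by other means is not visible in this patch; if they do not, a read-only member can still change or delete integrations they are no longer allowed to add. The new helper also has no docstring; something like `""" Return the check if the user has read-write access, else raise PermissionDenied. """` would match its neighbours.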
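Review bot: The docstring on `_get_rw_project_for_user` says it returns a `(project, rw)` tuple, but the function returns the project alone and raises `PermissionDenied` for read-only members. A caller that trusts the docstring and unpacks two values will fail at runtime. Suggested wording: `""" Return the project if the user has read-write access, else raise PermissionDenied. """`.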
@@ -343,9 +358,7 @@ def add_check(request, code): @require_POST @login_required def update_name(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) form = forms.NameTagsForm(request.POST) if form.is_valid(): @@ -363,9 +376,7 @@ def update_name(request, code): @require_POST @login_required def filtering_rules(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) form = forms.FilteringRulesForm(request.POST) if form.is_valid(): @@ -381,9 +392,7 @@ def filtering_rules(request, code): @require_POST @login_required def update_timeout(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) kind = request.POST.get("kind") if kind == "simple": @@ -468,9 +477,7 @@ def ping_details(request, code, n=None): @require_POST @login_required def pause(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) check.status = "paused" check.last_start = None @@ -501,9 +508,7 @@ def resume(request, code): @require_POST @login_required def remove_check(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) project = check.project check.delete() 
@@ -583,12 +588,10 @@ def details(request, code): @login_required def transfer(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) if request.method == "POST": - target_project, rw = _get_project_for_user(request, request.POST["project"]) + target_project = _get_rw_project_for_user(request, request.POST["project"]) if target_project.num_checks_available() <= 0: return HttpResponseBadRequest() @@ -606,9 +609,7 @@ def transfer(request, code): @require_POST @login_required def copy(request, code): - check, rw = _get_check_for_user(request, code) - if not rw: - return HttpResponseForbidden() + check = _get_rw_check_for_user(request, code) if check.project.num_checks_available() <= 0: return HttpResponseBadRequest() @@ -854,7 +855,7 @@ def remove_channel(request, code): @login_required def add_email(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddEmailForm(request.POST) @@ -899,7 +900,7 @@ def add_email(request, code): @login_required def add_webhook(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.WebhookForm(request.POST) @@ -961,7 +962,7 @@ def edit_webhook(request, code): @require_setting("SHELL_ENABLED") @login_required def add_shell(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddShellForm(request.POST) if form.is_valid(): @@ -984,7 +985,7 @@ def add_shell(request, code): @login_required def add_pd(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddPdForm(request.POST) 
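Review bot: The `transfer` hunk starts enforcing read-write access on the target project for the first time (the old line bound `rw` for the target and, as far as the hunk shows, never read it), but the diffstat lists only `test_add_*.py` files, so nothing pins this behaviour and the commit subject does not mention it. I would add a test that makes Bob read-only on the target project, POSTs that project's code as `project`, and asserts a 403 and that the check still belongs to its original project. The body of `transfer` continues past the hunk.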
@@ -1011,7 +1012,7 @@ def pdc_help(request): @require_setting("PD_VENDOR_KEY") @login_required def add_pdc(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) state = token_urlsafe() callback = settings.SITE_ROOT + reverse( @@ -1032,7 +1033,7 @@ def add_pdc_complete(request, code, state): if "pd" not in request.session: return HttpResponseBadRequest() - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) session_state = request.session.pop("pd") if session_state != state: @@ -1057,7 +1058,7 @@ def add_pdc_complete(request, code, state): @login_required def add_pagertree(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) @@ -1077,7 +1078,7 @@ def add_pagertree(request, code): @login_required def add_slack(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) @@ -1108,7 +1109,7 @@ def slack_help(request): @require_setting("SLACK_CLIENT_ID") @login_required def add_slack_btn(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) state = token_urlsafe() authorize_url = "https://slack.com/oauth/v2/authorize?" + urlencode( @@ -1136,7 +1137,7 @@ def add_slack_complete(request): return HttpResponseForbidden() state, code = request.session.pop("add_slack") - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.GET.get("error") == "access_denied": messages.warning(request, "Slack setup was cancelled.") return redirect("hc-p-channels", project.code) 
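Review bot: In `add_pdc_complete` the read-write check now raises before `request.session.pop("pd")`, so a denied request leaves the one-time state value in the session, while `add_slack_complete`, `add_pushbullet_complete` and `add_discord_complete` pop their state first and then check access. Consuming the state before the access check keeps the four handlers consistent and makes the value single-use on every path: put `session_state = request.session.pop("pd")` above `project = _get_rw_project_for_user(request, code)`. The function starts and ends outside the hunk.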
@@ -1169,7 +1170,7 @@ def add_slack_complete(request): @login_required def add_mattermost(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) @@ -1190,7 +1191,7 @@ def add_mattermost(request, code): @require_setting("PUSHBULLET_CLIENT_ID") @login_required def add_pushbullet(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) redirect_uri = settings.SITE_ROOT + reverse("hc-add-pushbullet-complete") state = token_urlsafe() @@ -1220,7 +1221,7 @@ def add_pushbullet_complete(request): return HttpResponseForbidden() state, code = request.session.pop("add_pushbullet") - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.GET.get("error") == "access_denied": messages.warning(request, "Pushbullet setup was cancelled.") @@ -1255,7 +1256,7 @@ def add_pushbullet_complete(request): @require_setting("DISCORD_CLIENT_ID") @login_required def add_discord(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) redirect_uri = settings.SITE_ROOT + reverse("hc-add-discord-complete") state = token_urlsafe() auth_url = "https://discordapp.com/api/oauth2/authorize?" + urlencode( @@ -1281,7 +1282,7 @@ def add_discord_complete(request): return HttpResponseForbidden() state, code = request.session.pop("add_discord") - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.GET.get("error") == "access_denied": messages.warning(request, "Discord setup was cancelled.") 
@@ -1324,7 +1325,7 @@ def pushover_help(request): @require_setting("PUSHOVER_API_TOKEN") @login_required def add_pushover(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": state = token_urlsafe() @@ -1389,7 +1390,7 @@ def add_pushover(request, code): @login_required def add_opsgenie(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddOpsGenieForm(request.POST) @@ -1410,7 +1411,7 @@ def add_opsgenie(request, code): @login_required def add_victorops(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) @@ -1430,7 +1431,7 @@ def add_victorops(request, code): @login_required def add_zulip(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddZulipForm(request.POST) @@ -1498,7 +1499,7 @@ def add_telegram(request): return render(request, "bad_link.html") if request.method == "POST": - project, rw = _get_project_for_user(request, request.POST.get("project")) + project = _get_rw_project_for_user(request, request.POST.get("project")) channel = Channel(project=project, kind="telegram") channel.value = json.dumps( {"id": chat_id, "type": chat_type, "name": chat_name} @@ -1524,7 +1525,7 @@ def add_telegram(request): @require_setting("TWILIO_AUTH") @login_required def add_sms(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddSmsForm(request.POST) if form.is_valid(): 
@@ -1550,7 +1551,7 @@ def add_sms(request, code): @require_setting("TWILIO_AUTH") @login_required def add_call(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddSmsForm(request.POST) if form.is_valid(): @@ -1576,7 +1577,7 @@ def add_call(request, code): @require_setting("TWILIO_USE_WHATSAPP") @login_required def add_whatsapp(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddSmsForm(request.POST) if form.is_valid(): @@ -1608,7 +1609,7 @@ def add_whatsapp(request, code): @require_setting("TRELLO_APP_KEY") @login_required def add_trello(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": channel = Channel(project=project, kind="trello") channel.value = request.POST["settings"] @@ -1641,7 +1642,7 @@ def add_trello(request, code): @require_setting("MATRIX_ACCESS_TOKEN") @login_required def add_matrix(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddMatrixForm(request.POST) if form.is_valid(): @@ -1673,7 +1674,8 @@ def add_matrix(request, code): @require_setting("APPRISE_ENABLED") @login_required def add_apprise(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) + if request.method == "POST": form = forms.AddAppriseForm(request.POST) if form.is_valid(): @@ -1714,7 +1716,7 @@ def trello_settings(request): @login_required def add_msteams(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) 
@@ -1787,7 +1789,7 @@ def metrics(request, code, key): @login_required def add_spike(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddUrlForm(request.POST) @@ -1807,7 +1809,7 @@ def add_spike(request, code): @login_required def add_linenotify(request, code): - project, rw = _get_project_for_user(request, code) + project = _get_rw_project_for_user(request, code) if request.method == "POST": form = forms.AddLineNotifyForm(request.POST)